25 Avr 2019
Vulnérabilité CVE-2018-18286 CVE Vulnerability
SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. (CVSS:0.0) (Last Update:2019-04-25)
Vulnerability Details : SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. Publish Date : 2019-04-25 Last Update Date : 2019-04-25 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2018-18286
- References For CVE-2018-18286 | |||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2018-18286There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |